National activities
- Training and mentoring

Best practices for national auditors - Level 1

Duration: 5 days
Number of participants: 8
Number of experts: 2
Language : EN, FR, PT

Operational activity suitable to be delivered on a sub-regional basis

What does it involve?
The course delivers a combination of classroom activities and on-site, practical exercises, aimed at strengthening the skills and competencies of staff recently placed in charge of quality control. The individual subject matters for classroom discussion and exercises (both table-top and on-site) include:

  • Preparations ahead of an audit or inspection;
  • Conducting an on-site audit;
  • Recording observations;
  • Producing an audit report;
  • Evaluating a corrective action plan;
  • Reviewing the implementation of a corrective action plan;
  • Ensuring continued compliance, in particular via covert testing (which may include the procurement of test items);
  • Sustaining quality control activities.

An option for the Partner State (PS) to consider in this course is that of CASE II expert assistance with the development of a national exam for the PS to formally certify its own national auditors. The PS should note, however, that this does not involve ECAC or CASE II certification of any auditor working for the PS. 

Who should participate?
Primarily junior auditors on the staff of (or contracted by) the Civil Aviation Authority. The PS should ensure, however, that each junior auditor nominated for the course has at least one year’s experience in the role, so as to enable participants to raise issues they have come across during the normal course of their auditing duties.

What is expected of the Partner State?

  • Ensure suitable candidates for the course, drawn primarily from the ranks of its junior national auditors;
  • Classroom or conference meeting room facility, including audio-visual equipment.;
  • Transport between the venue and airport for on-site observations;
  • Access to relevant parts of the airport to allow the conduct of practical exercises.

How will it work?
This course is designed to provide an introduction to a wide range of audit and inspection activities associated with the examination of security delivered at an airport (as set out above). As such, the course will be split, commencing with an initial, classroom-based phase that sets the scene and describes the detail of each activity and incorporates table-top exercises. It will then progress to a second element based on-site to practice such activities, with the instructors recording their observations for subsequent discussion and evaluation. If the PS requests in advance, the experts will also offer advice on a national exam to formally certify the PS’s auditors. The CASE II Project can even prepare and deliver the exam on behalf of the PS.

What will be delivered?
The course delivers a range of table-top and on-site exercises, covering the topics mentioned above and includes written material on the various elements. Observations made by the experts during on-site activities will be debated with participants. The practical exercises will each focus on a specific domain subject to quality control, such as hold baggage screening.

 What happens afterwards?
This course is one of a range of quality control-related activities under the CASE II Project. As such, the PS may prefer its auditors to undertake, for example, the more advanced Best Practices for National Auditors – Level Two (BPNA2). Please note, however, that BPNA2 can only be delivered after a minimum of 9 months has elapsed since the delivery of this course (BPNA1), to ensure the recommendations and benefits of the latter have been fully exploited by both the participants and the PS. In addition, there is a specific course tailored to those involved in auditing cargo security. The CASE II Project also offers an activity dedicated to coaching in quality control, which may complement the coaching aspect already included, de facto, in BPNA1 as a result of its strong practical component.

Best practices for national auditors - Level 2

Duration: 3 days
Number of participants: max. 8
Number of experts: 2
Language : EN, FR, PT

Operational activity suitable to be delivered on a sub-regional basis

What does it involve?
The course delivers a combination of classroom activities and on-site, practical exercises in quality control. It looks at ‘best practice’ techniques and encourages participants to raise issues they have come across during the normal course of their auditing duties. The objective is to further strengthen the skills and competencies of staff in charge of quality control and to act as recurrent training. The individual subject matters for classroom discussion and exercises include:

  • Preparations ahead of an audit or inspection;
  • Conducting an audit on site;
  • Recording observations and reviewing documentation;
  • Producing an audit report;
  • Evaluating a corrective action plan;
  • Reviewing the implementation of a corrective action plan;
  • Ensuring continued compliance (in particular via covert testing);
  • Sustaining quality control activities.

An option for the Partner State (PS) to consider in this course is that of CASE II expert assistance with the development of a national exam for the PS to formally certify its own national auditors. The PS should note, however, that this does not involve ECAC or CASE II certification of any auditor working for the PS. This course should take place no earlier than 9 months after the BPNA1 course, to ensure the lessons and recommendations from the latter have been put into practice and given sufficient time to embed. Some topics already dealt with in BPNA1 will be subject to elaboration, alongside other themes not covered by BPNA1, such as the inspection of security equipment. 

Who should participate?
The course is intended to be recurrent training exclusively for experienced national auditors employed directly – or contracted by – the Civil Aviation Authority. 

What is expected of the Partner State?

  • Ensuring suitable candidates for the course drawn from the ranks of its experienced national auditors;
  • Classroom or conference meeting room facility, including audio-visual equipment;
  • Transport between the venue and airport for on-site observations;
  • Access to relevant parts of the airport to facilitate the conduct of practical exercises.

How will it work?
This course is designed to provide both refresher training and a more intensive review of a wide range of audit and inspection activities (as set out above) and is relevant to the examination of security delivered at an airport. As such, the course will be split, commencing with an initial, classroom-based phase that sets the scene and describes the detail of each activity and incorporates table-top exercises. It will then progress to a second element based on-site in order to practice such activities, with the experts recording their observations for subsequent discussion and evaluation. Participants will be encouraged to raise issues that have arisen during the course of their normal duties. In particular, participants should con-sider commenting on their experience of implementing recommendations emerging from BPNA1. If the PS requests in advance, the experts will also offer advice on how to organise a national exam to formally certify the PS’s auditors to the higher level. The CASE II Project can support the PS in preparing and delivering the exam. 

What will be delivered?
The course delivers a range of table-top and on-site exercises, covering the topics mentioned above, including written material on the various elements. Observations made by the experts during on-site activities will be debated with participants. The practical exercises will each focus on a specific domain subject to quality control (access control, aircraft security, airport supplies, passenger and cabin baggage screening, etc.), to be selected during the preparation of the activity between the PS and the CASE project team. 

What happens afterwards?
This course is one of a range of quality control-related activities under the CASE II Project. Among others, there is a specific course tailored for those involved in auditing cargo security and another which focusses on raising awareness on broader airport and airline operations. Following this activity, PSs may wish to request participation in Coaching in Quality Control (p. 24) as it is a recommended complement to the practical elements included in Best Practices for National Auditors

Best practices for national auditors -cargo

Duration: 3 days
Number of participants: 8
Number of experts: 2
Language : EN, FR, PT

Operational activity suitable to be delivered on a sub-regional basis

What does it involve?
The course delivers a combination of classroom activities and on-site, practical exercises on quality control for security within the cargo operation of an airport. It looks at ‘best practice’ techniques and encourages participants to raise issues they have come across during the normal course of their auditing or inspecting duties. The aim is to strengthen the skills and competencies of staff in charge of this specific area of quality control. The individual subject matters include:

  • Preparations ahead of an audit or inspection;
  • Conducting an audit on site within the cargo area and immediately beyond;
  • Recording observations;
  • Producing an audit report;
  • Evaluating corrective action plans
  • Reviewing the implementation of a corrective action plan;
  • Ensuring continued compliance, in particular via covert testing;
  • Sustaining quality control activities.

The course is relevant whether the security of cargo operations involves 100% screening of cargo, or incorporates a secure supply chain (i.e. involving the inspection of regulated agents and known consignors). Therefore, the content of the course will be adapted to the air cargo security regime in force within, or under consideration by, the Partner State (PS). An option for the PS to consider is to utilise CASE II expert assistance with a national exam, allowing the PS to formally certify its own national auditors in cargo compliance. The PS should note, however, that this does not involve ECAC or CASE II certification of any auditor working for the PS.

Who should participate?
Ideal participants are national auditors exclusively employed by the Civil Aviation Authority (either directly or through contract). From within the national auditor population the priorities for participation are those directly involved in quality control activities in the field of cargo and mail security. This activity is particularly suited to recently appointed staff who may benefit from complementary support to their initial training. Furthermore, this activity provides appropriate recurrent training for experienced staff who hold cargo and mail security responsibilities. 

What is expected of the Partner State?

  • Ensuring suitable candidates for the course drawn from the ranks of its national auditors;
  • Classroom or conference meeting room facility, including audio-visual equipment;
  • Transport between the venue and airport for on-site observations;
  • Access to cargo screening and storage facilities to facilitate the conduct of practical exercises, as well as to relevant parts of the airport to facilitate the conduct of practical exercises.

How will it work?
This course will provide material suitable for both refresher and in-depth initial training on a wide range of audit or inspection techniques (as set out above) designed to examine the implementation of cargo-related security controls. As such, the course will commence with a classroom-based phase that sets the scene and describes the detail of each activity, incorporating table-top exercises. It will then progress to a second element, on-site, to practice such activities with the instructors recording their observations for subsequent discussion and evaluation in class. Participants will be encouraged to also raise issues that have arisen during the course of their normal duties and where they feel a more detailed explanation of the principles, or examples of best practice, would help. If the PS requests it in advance, the experts will also offer advice on a national exam to formally certify the auditors of the PS in relation to checking compliance with security requirements in cargo operations.

What will be delivered?
The course delivers a range of table-top and on-site exercises, covering the topics mentioned above and includes written material on the various elements. Observations made by the instructors during on-site activities will be debated with participants.

What happens afterwards?
The CASE II Project offers a range of activities related to quality control aimed at both junior auditors/inspectors and those with more experience. Each PS is encouraged to explore this catalogue to identify other activities which may complement the bespoke needs of the participants of Best Practices for National Auditors – Cargo Compliance. Potential offerings include activities that help participants see the wider context in which audits and inspections are set , those which take an in-depth look at quality control and those which focus on the inspection of security equipment.

Familiarisation with airport operations for security managers /auditors

Duration: 3 days
Number of participants: 8-9
Number of experts: 2
Language : EN, FR

What does it involve?
This training course provides an opportunity for those currently or prospectively involved in quality control of aviation security activities to better understand the relationship between airports, airlines and their operations. The main objective is to improve the operational knowledge of staff with aviation security responsibilities, particularly national aviation security inspectors and auditors. The structure of the course is based on the critical elements associated with the movement of aircraft. It focusses on the operations taking place on the airfield as well as those involving passengers, baggage and cargo. The course will examine the competing priorities that airport and air carrier staff must handle on a daily basis covering subjects beyond security-related issues. The purpose is to provide participants with a background in airport and air carrier activities that will better equip them to perform their duties through knowledge of the wider context in which those duties are set. This familiarisation course should reinforce their understanding of the integration of security measures into the overall operating procedures at the airport. Finally, it will also assist in ensuring security-related quality control activities integrate effectively with those operating procedures.

Who should participate?
The course is aimed primarily at those recently appointed as – or currently close to completing their training to become – aviation security auditors and inspectors. It is also relevant for aviation security managers. 

What is expected of the Partner State?

  • Suitable candidates for the course;
  • A classroom facility including audio-visual equipment;
  • Transport between the venue and airport for on-site observations;
  • The course also involves visits to operators which will include (but not be limited to) the airport manager and air carriers. These visits will involve discussions in small groups with relevant employees. The Partner State is expected to organise such contacts in advance.

How will it work?
The course will be run by 2 experts from the CASE II Project over a period of 3 working days for a maximum of 8-9 participants. It will focus initially on classroom discussion, providing back-ground on the non-security operating procedures of airports and the air carriers that use them, as set out above. The subsequent sessions will, however, be more practical in nature, with participants able to observe broader airport and air carrier operations on site.

What will be delivered?
The expert will ensure written and audio-visual material on the range of operational elements at an airport is distributed among participants, including examples of operational documents. A list of key points emerging from on-site observations will also be circulated after the course. 

What happens afterwards?
This is the first in a series of courses related to quality control, some of which are specifically dedicated to audit and inspection techniques and adapted to different profiles among national auditors (BPNA – level 1, BPNA – level 2 and BPNA – cargo). Others, including this course, deal with wider subject-matters linked to quality control. More broadly, the CASE II Project also offers coaching in quality control issues as well as mentoring on security culture.

Best practices in risk assessment

Duration: 3 days
Number of participants: max. 20
Number of experts: 3
Language : EN, FR

What does it involve?
Risk assessment is a theme which underpins every aspect of the aviation security industry. In order for aviation security professionals to undertake their roles appropriately, a clear understanding of this key topic is essential. Risk and importantly, the ability to assess risk effectively, will determine the success of a security programme. The importance of this topic is underlined by the most recent amendment to Annex 17 which places increased obligations on states in this area. This course delivers an in-depth review of how robust risk assessments are created and how they should influence the development and implementation of a national aviation security programme to ensure security measures and oversight are optimally delivered.

Who should participate?
Risk assessments are fundamental in a variety of aviation environments. As such this course has a wide range of potential participants. Obvious candidates would be those responsible for the planning of quality control activities but the reality is that all aviation security professionals who take decisions in relation to the delivery and/or the assessment of security controls may find the review of this critical topic to be of value.

What is expected of the Partner State?

  • The provision of appropriate participants who are willing to take an active role in the practical aspects of the course;
  • Classroom facilities will be required, to include audio/visual equipment (projector etc.).

How will it work?
Course delivery will take place over 3 days. Participants are limited to 20 to ensure practical elements of the course can be delivered effectively with an opportunity for activities undertaken by participants to be overseen by the ECAC security experts. The course may be provided by ECAC Experts or with the participation of experts from industry / professional organisations. Presentations and discussion will take place which focus on the nature of risk and the importance of effective risk assessments. The initial part of the course will seek to provide under-standing of what a risk assessment is and when and where risk assessments can add critical value. As the course progresses, participants will be shown how to undertake an effective risk assessment and it will be demonstrated as to how a generic approach can be adapted to suit a variety of circumstances. The latter part of the course will provide an opportunity for participants to apply their learning through a practical activity which sees the group divided into teams, each taking responsibility for the under-taking of a risk assessment in a ‘true to life’ scenario. The learning experience will continue through an exploration of participants’ findings and a discussion as to how the information could be used to enhance security performance and effective oversight.

What will be delivered?
Participants will be provided with copies of classroom presentations and supporting documentation which includes a basic template for the undertaking of risk assessments.

What happens afterwards?
Following the course, there is an expectation that the Partner State (PS) will consider how effective risk assessments can be applied to improve their security program and security oversight. Additionally, follow-up support can be provided in the form of mentoring. This provision of targeted support by ECAC experts will be aimed at reviewing the risk assessments developed within the PS in support of their own national security programmes. The review will be in conjunction with PS representatives and is designed to enhance the risk assessment development process and the use of its outputs.

 

Training on landside security assessors

Duration: 4-5 days
Number of participants: 8-9
Number of experts: 2
Language : EN, FR

Operational activity suitable to be delivered on a sub-regional basis

What does it involve? 
The course is designed to train assessors in the examination of vulnerabilities associated with the landside area of an airport and to combine this with threat information so as to conduct an effective risk assessment. The course continues with guidance regarding the development of recommendations aimed at managing residual risks through the application of appropriate security measures. 

Who should participate?
The primary participants should be those considered by the Civil Aviation Authority as having the relevant profile to become vulnerability assessors in relation to landside security at a national level. Based on ECAC’s experience, these could be professionals responsible for delivering landside security, either from a law enforcement agency, the military or a private security contractor. They could also be members of the audit, inspection and regulatory teams of the Civil Aviation Authority, airport management and other members of the Emergency Response Committee at the airport. 

What is expected of the Partner State?

  • Classroom facility, including audio-visual equipment;
  • Access to observe security arrangements in the landside areas of the airport;
  • Transport between the venue and airport for on-site observations.

How will it work?
Two instructors from the CASE II Project will deliver the course (as a national or sub-regional activity) over 4-5 working days to a maximum of 8-9 participants. The agenda will cover: current and emerging threats to landside areas (including threat scenarios and methods of attack); highlights of past global incidents; risk assessment methodologies (including how to identify and measure vulnerabilities); common vulnerabilities for each domain; and an exposition of the full range of mitigation measures. If requested by a PS, advice and support can be provided in relation to the setting of an exam for national assessors (note that this will not be an ECAC certification). This can include the application of an exam at the end of the training by the CASE II instructors, as an option. In addition, the course will involve substantial practical aspects, including table-top exercises on issues such as risk assessment, as well as elements based at the airport to include an examination of landside security arrangements and sub-sequent discussion in the light of current and emerging threats. 

What will be delivered?
Participants will be provided with copies of presentations relating to methodologies, current/emerging threats and mitigation measures. They will also receive technical handouts in relation to appropriate equipment. Additionally, if requested by the PS, a debrief pertaining to the outcome of landside observations can be provided to representatives by the course instructors.

What happens afterwards?
Further support can be considered by the CASE II Project Team which may include support in the setting of a certification examination for assessors within the PS. The CASE II Project also provides complementary activities that can be added to the Country Programme of Action pertaining to the PS. These include vulnerability assessments of landside areas at airports, conducted jointly with the PS (the national expert from the PS can benefit directly from this training during such an exercise). Additionally, a separate available course which may be of interest looks at threats beyond the airport perimeter fence from stand-off weapons, such as Man-Portable Air Defence Systems (MANPADS).

Mentoring on security culture

Duration: 2 days
Number of participants: max. 30
Number of experts: 4-6
Language : EN, FR

What does it involve?
The introduction of a positive security culture into relevant organisations and departments is one of the priorities set out by the civil aviation international community. This priority is reflected in both ICAO’s Global Aviation Security Plan (GASeP) and their decision to make 2021 the “Year of Security Culture”. It is therefore important for the development of security culture to sit high in the agenda for Partner States (PSs). Establishing a strong security culture is a vital mitigation measure in response to the insider threat, although its scope and objectives go much further. The course provides an introduction to security culture by: defining what is meant by the phrase; providing the background to the concept; defining the objectives behind it; and highlighting the advantages it can bring to an organisation, including those that contribute to business success. It will also discuss a regulatory framework that can underpin the introduction of a security culture, as well as the knowledge and tools needed by employees to practice good security. 

Who should participate?
The importance of engendering a positive security culture extends to all players within the aviation industry because all have a role to play in ensuring the safety of the travelling public is not compromised. This activity is therefore not limited to airport operators, airlines, or private security contractors. Depending on the current maturity level of internal security culture, the Civil Aviation Authority, law enforcement, and other agencies involved in policy creation and operational delivery of aviation security should also consider participation. 

What is expected of the Partner State?

  • Ensure participants are drawn from a wide range of organisations and departments previously described. These need not be limited to supervisors as other employees (who may serve as a champion within their organisation) may be suitable;
  • Classroom facilities (including audio and visual equipment).

How will it work?
The course will be delivered over a period of 2 working days, to a maximum of 30 participants, from one large or several smaller organisations. The first phase will explore the definition of a security culture and the rationale behind its development. It will then cover the various elements that make up a security culture, including: the need within an organisation for a shared set of beliefs, attitudes, values and behaviour; educational aspects; engagement by senior leaders and managers; and effective communications, so as to create a work environment that facilitates a positive attitude to security. A third element will look at how a security culture can be embedded within an organisation or department, – including the extent to which legislation and regulation can assist in this respect – and, crucially, how its success can be measured and sustained. 

What will be delivered?
Material to be left with participants will cover all phases of the course (as set out above) including the menu of elements that contribute to an overall security culture. 

What happens afterwards?
The mentoring component of the CASE II Project dedicated to security culture is delivered through a tailored approach. This means that Partner States requiring further support in their efforts to enhance the security culture within their relevant organisations and departments are encouraged to discuss this with the CASE II Project Team following initial course delivery. Examples of follow-up support include the delivery of the initial course to additional organisations, or measuring the efficacy of the implementation of best practice and associated tools introduced in the wake of the initial course.

Mentoring on insider threats

Duration: 3 days
Number of participants: max. 30
Number of experts: 4-6
Language : EN, FR

What does it involve?
The objective is to engage the Partner State (PS) in a discussion on: the threats posed by insiders; the range of mitigation measures and their efficacy; and a regulatory framework to underpin an effective, efficient and sustainable response to such threats. 

Who should participate?
Experts from all relevant agencies within the PS should participate directly in the discussion including representatives of:

  • The Civil Aviation Authority;
  • The Ministry of Interior (police);
  • Other law enforcement agencies; involved in aviation security;
  • National intelligence agencies;
  • Airport management.

What is expected of the Partner State?

  • Ensure that its participants play an active role in the discussion, ensuring, for example, appointed experts have sight of airport procedures and any relevant documentation;
  • Logistical support, in the form of appropriate meeting facilities, transport to and from airports as required;
  • Provision of access to the airport for appointed experts.

How will it work?
The experts will spend up to 3 days discussing course-related issues with a maximum of 30 participants from the PS. This will take the form of classroom-based presentations and interactive debate relating to insider threat. Topics to be discussed include the range of mitigation methods (e.g. background checks and repeat vetting; staff screening; access control; security culture etc.) and examples of best practice in respect of regulations that support mitigation efforts. A visit to the airport, to gain an understanding of existing practices and procedures in relation to staff security, should also form part of the experts’ visit.

What will be delivered?
The experts will provide copies of all presentations and supporting documentation such as those covering examples of best practice, so as to ensure the PS extracts the maximum benefit from the discussion. The core of the discussion will focus on the assessment, update or implementation of a robust background check scheme. This will cover a range of aspects from the necessary legal framework to the definition of the persons to be included in the scheme. Furthermore, it will include the definition of the information to be requested/analysed as part of a background check and the setting of procedures between employers and state authorities. Once the PS has digested the main points from the discussion, the experts appointed to represent the CASE II Project can assist further. As an example, this may include: assistance in the drafting of regulations and related technical and operational procedures as well as coaching in the implementation of preventive mitigation measures. This can take place during the same mission or may form a separate visit, dependent upon circumstances. 

What happens afterwards?
At a later stage, the PS might also consider the addition of complementary CASE II Project risk-related activities to its Country Programme of Action (CPA). One such related activity is the provision of a ‘Vulnerability assessment associated with insider threats’, which will provide an expert assessment of mitigation methods employed. Such further support can be added to the CPA agreed previously with the PS. Additionally, the PS may also wish to consider adding the ‘Mentoring on Security Culture’ activity to its CPA, if it has not already done do. This will help to develop an appreciation as to how an effective security culture can contribute to the mitigation of insider threats. In addition, this complementary activity supports the propagation of a positive security culture within related agencies and operations so as to promote a broader approach to security that is proactive and self-sustaining.

Best practices in identifying and mitigating emerging threats (including cyber)

Duration: 3 days
Number of participants: max. 20
Language : EN, FR

What does it involve?
This activity is designed to provide the Partner State (PS) with an understanding of new and emerging threats to the civil aviation sector. Topics covered include cyber security, threats from chemical and biological weapons and threats from the use of remotely piloted aircraft systems (more commonly referred to as UAS). In addition, the course involves a discussion of current best practice in mitigating such threats, as well as a practical joint exercise on designing mitigation measures to tackle one or more of the threats. Using cyber security as an example, the information provided should include current thinking on: the vulnerability of aircraft and airport systems; the latest existing or draft requirements in Europe (e.g. from EU, EASA, ECAC’s Doc 30); and protecting systems and data.

Who should participate?

  • Government agencies involved in aviation security policy development and delivery (e.g. Civil Aviation Authority, Ministry of Interior, Ministry of Defence and intelligence agencies);
  • Airport management and managers from any private contractors delivering security at the PS’s airports;
  • Airport Emergency Preparedness and Response Committees.
  • Air Traffic Control;
  • Security representatives of an Airport Operations Committee.

What is expected of the Partner State?

  • Ensure suitable participants from a wide range of organisations;
  • Classroom facility, including audio-visual equipment.

How will it work?
The experts will deliver the course over a period of 3 working days to a class not exceeding 20 participants. The discussion will focus initially on the new and emerging threats set out above, together with examples of where such threats have translated into actual or attempted attacks. In the second phase, the discussion will focus on mitigation measures to combat such threats, including some specific and detailed examples of best practice. Specific legislation and regulations to address such threats will also be discussed. Finally, the experts and participants will conduct a joint risk assessment exercise to design mitigation measures to reduce the residual risk from one or more of the threats to an acceptable level. 

What will be delivered?
At the end of the delivery period, the PS will receive: an updated threat picture from the ICAO Risk Context Statement (to which it should have access to as a Contracting State); a written summary of emerging threats; background documents on recent events involving new threats; and details of ‘best practice’ mitigation, including regulations if applicable. In addition, the experts will provide a detailed, written critique of the joint exercise within 5 working days of the end of the delivery period. 

What happens afterwards?
As a result of the outcome of the joint exercise, the PS may feel it appropriate to seek follow-up action within its Country Programme of Action. This might include assistance in relation to the drafting of specific legislation and regulations (especially in the field of cyber security which is likely to be considered as a dominant emerging threat). In relation to emerging threats, vulnerability assessments and other capacity-building activities might be developed by the CASE II Project Team on an ad hoc basis. The expertise for such cyber-related activities are to be provided by the EU CyberNet Project. There is also a planned regional/sub-regional workshop dedicated to emerging threats and which is supplemented with the inclusion of the insider threat. This is aimed at facilitating a broader discussion between neighbouring states on common threats and action that can be taken locally and regionally. In turn, this seeks to support threat mitigation through the encouragement of close cross-border co-operation and the sharing of relevant information.

Mentoring on explosive detection techniques

Duration: 5 days
Number of participants: max. 25
Number of experts: 2
Language : EN, FR

What does it involve?
This activity describes the use of different techniques to detect improvised explosive devices (IEDs) deployed at airports. It looks specifically at two methodologies: firstly, the utilisation of explosive detection dogs (EDD), if applicable in the PS, and secondly, the implementation of explosive trace detection (ETD) equipment. Points to be considered in the selection of the most appropriate means of detection will also be addressed. 

Who should participate?

  • Regulators, auditors and inspectors from the Civil Aviation Authority;
  • State representatives responsible for the operational delivery of aviation security screening services.

What is expected of the Partner State?

  • Classroom facilities (including audio and visual equipment);
  • Access to the airport, in order to observe security screening lanes, as well as other areas where an existing explosive detection capability is present (e.g. hold baggage area and cargo sheds);
  • Transport between the venue and airport for on-site observations.

How will it work?
The expert(s) will deliver the mentoring activity over a period not exceeding 5 working days and to a maximum of 25 participants. The material will be tailored to meet the needs of the PS and will cover part or all of the following: the background relating to IEDs and counter-measures; drafting of operational procedures for the deployment of EDD and ETD; the training and certification of operators using such resources; technical assistance for deployment on-site; and the observation of existing operations and procedures. This activity is aimed either at reviewing the use of technologies already in use, or at supporting the introduction of new technologies. 

What will be delivered?
The expert(s) will ensure the PS receives copies of presentations on IEDs and their mitigation. In addition, technical material on EDD and ETD equipment will be provided. If requested by the PS, the expert(s) can also offer advice on the most suitable mitigation measures, based on the specifics of the aviation security situation in the PS, and/or on current counter-IED operations at the airport. 

What happens afterwards?
Further support can be provided by the CASE II Project, at the request of the PS. For example, this may include the development of certification procedures for operators of EDDs or ETD, or the in-depth examination of the use of existing screening equipment (beyond the level of the review included in this activity).

Mentoring on counter-ManPADS (2 levels)

Duration: 3 missions, each 5-10 days
Number of participants:  20-30
Number of experts: 2-3
Language : EN, FR

What does it involve?
A multi-disciplinary team of experts will assist the Partner State (PS) in the planning, undertaking and follow-up of a risk assessment aimed at effectively mitigating the threat to airports from a range of stand-off weapons including Man-Portable Air Defence Systems (MANPADS). Other weapons include rocket launchers, heavy automatic weapons, sniper rifles, mortars, etc. This assessment is now a required Standard under Annex 17 (chapter 4.3.6) of the Chicago Convention.

Who should participate?
Responding to these threats requires the engagement of a wide number of organisations, hence the multi-disciplinary nature of the delivery team from the CASE II Project. The primary role will fall to:

  • Security forces (police, military, gendarmerie);
  • Air Traffic Control;
  • Airport management;
  • Airport’s Emergency Response Committee.

Each of these organisations should offer individuals for the training, who in turn should also be capable of training others.

What is expected of the Partner State?

  • Ensuring the right level of participation;
  • An appropriate vehicle to observe around and just beyond the airport perimeter fence;
  • If feasible, the provision of airborne means, ideally a helicopter, for a single flight rarely exceeding 90 minutes;
  • Classroom facilities (including audio and visual equipment);
  • Learning material for trainees.

How will it work?
The team of experts (usually from aviation security, air force, counter-terrorism (including police or gendarmerie) and/or airlines (i.e. a commercial pilot) will offer guidance, training and support via a number of distinct phases. The initial objective will be to deliver all phases over a period of up to 24 months.

Phase One:

  • Scoping exercise;
  • Discussions on the objectives and content of the next phases.

This is usually done by or with the support of officials of a specific ECAC Member State with the requisite knowledge/experience and does not require sending counter-MANPADS experts on site.

 

Phase Two:

  • Detailed description of the threat delivered by the full training team;
  • Demonstration of the risk assessment methodology;
  • Identification of potential launch sites;
  • Provision of an outline of the types of mitigation subsequent training can provide.

Phase Three:

  • Focus on in-depth training of the relevant security force in risk assessment and mitigation techniques;
  • Surveillance of potential launch sites identified as key vulnerabilities. This is a key activity and there is an expectation that it is subsequently sustained by the PS as part of a national mitigation framework through local, on-site implementation.

What will be delivered?
The second phase includes an initial assessment by the delivery team of the current threat and existing mitigation, set out in a written report that will also include recommendations on moving to the third phase. Phase Three will also lead to a written report. At the end of the third phase, the PS should be able to: understand the variety of threats posed; carry out mitigation through the identification and monitoring of potential localised launch sites; deploy and sustain a dedicated security force to manage associated risk; co-ordinate seamlessly on risk assessment and mitigation between the appropriate authority, security force, Air Traffic Control and airport management; and embed a detailed response to any threat or actual attack using such weapons within the airport emergency procedures. The PS should also be in a position to expand mitigation efforts through the training and development of security staff at all airports.

 

What happens afterwards?
Since this activity is by definition multi-phase (with at least two missions on site) the follow-up is an integral part of the overall activity. This follow-up is a requirement of the PS, (especially between Phases 2 and 3) and the CASE II Project will seek assurance of its undertaking. Beyond Phase 3, further support can be made available. The objective is to continue the relationship between the PS and the ECAC Member State selected as the provider. For example, assistance may be provided at a later stage in the use of the latest geo-location software to identify potential launch sites, or with the use of unmanned aerial vehicles to assist with patrolling. Note, however, that neither example can include the free provision of relevant software or hardware).

 

Best practices in covert testing

Duration: 4 days
Number of participants: max. 10
Number of experts: 3
Language : EN, FR

What does it involve?
Quality assurance of the implementation of security measures can take many forms but the efficacy of oversight is limited if some form of covert testing is not undertaken. In short, covert testing permits the assessment under ‘real life’ conditions, providing an insight into strengths and weaknesses in the application of security controls. Covert testing can be used in the assessment of a variety of scenarios. This course covers the common theme of the need to develop considered test protocols that take into account the risks associated with testing, especially those relating to the use of simulated/inert prohibited articles.,In addition, participants will be encouraged to consider the approach taken to ensure that test results provide tangible benefit. To do this successfully, every stage needs to be planned with care from test design to the recording and assessment of results. This course covers these areas of complexity so as to provide knowledge and understanding which will allow the optimisation of covert testing programmes. 

Who should participate?
Individuals with the responsibility for the operational delivery of covert testing programmes will benefit from attending this course. Furthermore, individuals who are responsible for the strategic delivery of covert testing programmes may also benefit, particularly in relation to sections of the course dedicated to formulating an effective approach to test programme development. Note that the course is suitable for a Partner State (PS) with no covert testing programme in place and also to those wishing to expand or enhance an existing programme. 

What is expected of the Partner State?

  • The provision of appropriate participants;
  • Classroom facilities will be required to include audio/visual equipment (projector etc.);
  • Provision of a minimum of x4 cabin-bag sized suitcases/holdalls for use in the practical element of the course;
  • Provision of at least x4 test pieces (the exact nature of these can be agreed with the ECAC security expert in advance of the course);
  • The facility to undertake a covert test in a live environment within an X-ray screening environment as part of the practical element of the course;
  • Transport between the venue and airport for on-site activity.

How will it work?
The course delivery will take place over 4 full days. Participants are limited to 10 to ensure appropriate levels of active involvement during practical elements. The first two and a half days will cover the nature, benefits and strategic approach in relation to covert testing. The range of test scenarios and their associated challenges will be discussed and the importance of an effective risk assessment to ensure the safe implementation of tests will be examined. The first half of the course will additionally dedicate significant time the provision of guidance on how to set up an effective test protocol. This will be put to use in the final day and a half: firstly, participants will work together to plan for the undertaking of a covert test following the protocol (preparations can take place in the classroom environment). Secondly, if deemed safe to do so following assessment by the PS, a test event will be conducted and results recorded (again, aligned to the agreed protocol). 

What will be delivered?
Participants will be provided with copies of classroom presentations and supporting documentation which includes a basic template for the undertaking of the covert testing risk assessment.

What happens afterwards?
Following the course, there is an expectation that the PS will consider carefully the benefits of introducing a covert testing programme. Where a programme is already in place a review of the programme with an aim of optimising its delivery is recommended. Additionally, follow-up support can be provided in the form of mentoring and the provision of a second course designed to review and assess the covert test programme of the PS in conjunction with participants.

Best practices in overt testing

Duration: 4 days
Number of participants: max. 10
Number of experts: 3
Language : EN, FR

What does it involve?
An effective overt testing programme in relation to screening by X-ray delivers wide-ranging benefits. At the micro-level, it provides a unique insight into the screening capability of individuals in a manner that cannot be replicated by other forms of oversight. At the macro-level, overt testing has the potential to act as a powerful quality assurance tool with the ability to deliver an assessment of general screening strengths and weaknesses at organisational and national level. The result is a dataset which assists in highlighting areas where subsequent focus can reap the rewards of significant improvement in overall screening performance. This course opens with an introduction to overt testing and its benefits but at its core is guidance on the development and delivery of administrative and practical tasks required for the provision of an effective overt testing programme. 

Who should participate?
This course focusses on overt testing of X-ray screening operatives and will be of interest to organisations in the aviation industry utilising X-ray equipment for the detection of prohibited articles. The course is therefore relevant for the development of organisational-level overt testing programmes in sectors such as airports, cargo and in-flight supplies (where X-ray is utilised) but is also relevant at a national level where the implementation of security controls is overseen by the national appropriate authority. 

What is expected of the Partner State?

  • The provision of participants with responsibility for the management and operational implementation of an overt testing programme. This could include those responsible for developing the structure of an overt testing programme and/or the handling and interpretation of test data as well as individuals who would be physically present and responsible for control/oversight at the time of testing;
  • Classroom facilities will be required for Day 1 and 2, to include audio/visual equipment.
  • Provision of a minimum of x4 cabin-bag sized suit-cases/hold-alls for use in the practical element of the course;
  • Provision of at least x2 test pieces in the form of simulated IEDs, with a preference for those which can remain connected/viable while separating the component parts within an individual bag;
  • The provision of an X-ray machine, for at least the last two days of the course. A machine able to store/recall images is optimal;
  • The provision of at least 5 qualified X-ray screeners to assist on a rotational basis on at least the last two days of the course. These may be sourced from within the group of trainees or provided from an external source (e.g. airport X-ray screeners);
  • Transport between the venue and airport for on-site observations.

How will it work?
The course delivery will require 4 full days. Participants are limited to 10 to ensure appropriate levels of active involvement during practical elements. The first two days will explore the nature and benefits of overt testing and will examine the practicalities of developing an effective and safe overt testing programme. This will cover areas ranging from the organisation and setup of individual test events to the recording of test variables and the analysis of results. The latter half of the course will involve the practical application of what has been learnt over the previous days. This will involve the make-up of test-bags and the undertaking of overt tests in a controlled environment. 

What will be delivered?
Participants will be provided with copies of classroom presentations and supporting documentation such as guidance on the setup of test items. Further support will be provided through the provision of a template for the recording and automated analysis of overt testing data. 

What happens afterwards?
Following the course, there is an expectation that the Partner State will consider the benefits of introducing an overt testing programme or will review programmes already in place. Additionally, follow-up support can be provided in the form of mentoring and the provision of a second course designed to review and assess the covert test programme of the Partner State in conjunction with participants. It is also important to note that an overt testing programme Is not a substitute for a covert testing programme. These programmes can be viewed as complementary and participants of this overt testing course may find the course on Best practices in Covert Testing (BPCT) to be of benefit.